The UPDATE statement in the following code reads past the end of an
array and passes an invalid pointer to the authorizer callback:

CREATE TABLE t1(a,b,c,d,e,f,g,h);
UPDATE t1 SET rowid=rowid+100;

The problem can be seen by running the script above in the sqlite3 command-line
shell using valgrind. This problem has been in the code since version 2.7.6
circa 2003-01-25 and appears to have been added by check-in
[45de93f913a18026a]. The problem has not been noticed before now because
it is obscure and mostly harmless - unless the authorizer is used on an UPDATE
statement that changes the ROWID the worst
that can happen is a single read past the end of an array.

drh added on 2013-05-06 13:45:39:

An additional requirement for hitting this bug is that the number of columns
in the table being updated must be a multiple of 8.

This page was generated in about
0.02s by
Fossil version 2.3 [2a615bed11] 2017-07-31 17:42:57